| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in Hypervisor when platform information mentioned is not aligned. |
| Transient DOS in Modem while triggering a camping on an 5G cell. |
| Transient DOS in WLAN Firmware while parsing a NAN management frame. |
| Memory corruption in Core while processing RX intent request. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Memory corruption while processing MBSSID beacon containing several subelement IE. |
| Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. |
| Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. |
| Transient DOS while processing PDU Release command with a parameter PDU ID out of range. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. |
| Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. |
| Memory corruption in MPP performance while accessing DSM watermark using external memory address. |
| Transient DOS in Multi-Mode Call Processor while processing UE policy container. |
| Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. |
